NTT warns businesses after “dramatic” rise in coin mining malware

NTT Security researchers has warned of a “dramatic increase” in the use of cryptocurrency mining malware, identifying 12,000 malware samples designed to mine Monero (XMR), a form of cryptocurrency that provides its users with high levels of anonymity.

Some 66 per cent of the samples were identified between November and December 2017, indicating a surge in the use of the malware, they highlighted.

Terrance DeJesus, Threat Research Analyst at NTT Security, said: “Generating a profit from mining [crypto] currency has become more time consuming and costly. Cyber criminals have therefore taken to developing malware in an attempt to overcome the barriers to entry.

He added: “Monero mining malware is installed on the victim’s computer or smartphone without their knowledge and, once installed, it uses the victim’s computing resources and electricity supply to mine cryptocurrencies… Device owners might not suspect a thing.”

NTT researchers identified both 32-bit and 64-bit samples for Linux, as well as Windows systems, but most were for Windows. They said in the report: “This finding aligned with [our] previous research, where researchers had observed miners being dropped via phishing emails, as well as post-exploitation on vulnerable Apache Struts and JBoss web servers.”

The report comes as the Australian Federal Police launched an investigation into alleged use of powerful computers at the country’s Bureau of Meteorology, in an “elaborate” scheme to mine cryptocurrencies. Two employees at the Bureau are reported to be under investigation.

Cryptocurrencies are created by computers that have been tasked with solving complex mathematical formulas that become more difficult to solve over time, requiring miners to harness more computational power. The process is known as “mining” and it is becoming increasingly expensive as more computational and electrical resource are required to do so.

Such computers are an ideal target, as the more “hashing” power a system has, the greater number of transactions the system can confirm.

Last month research conducted by Elite Fixtures – a subsidiary of the US’s Crescent Electric Supply Company – analysed the cost of mining a bitcoin (the best known cryptocurrency) around the world. They based the calculations on average electricity rates according to local government data, utility company reports, and/or information from the International Energy Agency, the U.S. Energy Information Administration and currency-data company Oanda.

It found that the cheapest place to mine a bitcoin was Venezuela, at $531, while in South Korea it would cost an estimated $26,170 owing in part to tight capital controls on bitcoin.

NTT’s report concludes: “The use of coin miners will, without a doubt, grow and become more advanced in time, possibly being built into other malware types such as banking Trojans, as well as ransomware. [We] encourage the community and fellow researchers to continue hunting down cryptocurrency miners and sharing their findings.”